It used to be if you signed up for a new checking account, a bank might throw off a toaster, alarm clock, or in extreme modern cases, a 1GB iPod shuffle. Well times, they are a'changing, and boy do we wish we lived in Canada right now. Up north, RBC Royal Bank is offering a free ASUS Eee PC when you switch to their checking account service. That's right, you get an actual computer after completing the move (and dealing with a lot of red tape). Sure, it's only the 7-inch, 2GB version, but it still runs Xandros way better than this solar calculator we got from our bank.

[Thanks, Matt]

Every so often, a gizmo crosses our path that truly makes us question the thought process of its creator(s). This particular Friday, that gizmo is the Blinger. This so-called "portable ATM" apparently enables users to whip out an oversized, one-trick-pony of a device and instantly send cash for wares, check your current level of fundage, calculate currency conversions and wonder why on earth they haven't invented this thing called "online banking." Oh, wait.

[Via InventorSpot]

VeriSign has already teamed up with PayPal to offer one-time use passwords on key fobs, but it looks like it's now found a way to make that additional layer of protection even more portable, partnering with Innovative Card Technologies Inc. to squeeze the disposable digits onto standard size bank cards. Apparently, you'll get a new password after each transaction you make online (displayed by pushing a button on the back of the card), making it theoretically impossible for anyone without the card to access your account, even if they somehow manage to get a hold of your regular password. While it's not clear when the cards will actually be put into use, VeriSign is promising to make an announcement about a "major bank" set to use the cards sometime this month.

Joining the infamous Chip & PIN terminal hacks as yet another way to siphon banking details from unlucky Londoners, a group of "malware purveyors" reportedly dropped off tempting Trojan-infused USB drives in a UK parking lot in hopes that unsuspecting individuals would take the bait and subsequently hand over their banking credentials. Supposedly, Check Point regional director Nick Lowe mentioned the wile at the Infosec trade show, but couldn't elaborate due to the ongoing investigation. Another insight suggested that such chicanery was becoming "the new phishing email," but hey, where's the love for those oh-so-vulnerable ATMs? Take note, dear Brits, that the free storage you're eying on the park bench could end up costing you quite a bit in the long run.

The long, long list of uber-secure USB flash drives continues to grow as paranoid data carriers attempt to protect their lab reports and award-winning recipe books, but Gemalto has a slightly different kind of security in mind with its latest USB smart cards. The forthcoming keys will function much like the Mighty Key already does, as it offers up phishing protection by requiring that users have the USB stick plugged into their computer before being able to access files, online banking accounts, or your secret stash of 90's anime. While the company already provides such security measures for governmental / enterprise agencies, the Network Identity Manager is purportedly tailored for the average joe, won't require "any specialized software," and will play nice with standard browsers. Additionally, the system will utilize a token management system and support Verisign's VIP Network Identity federation framework, but won't require users to carry around a perpetually changing key fob as does PayPal. Gemalto hopes to "simplify" user security and curb the growing phishing problems in America, but there's currently no word on when we'll see these protection measures available for sale here in the States.

Considering all the ATM hacking that's been going on of late, it's not all that surprising to see those "uber-secure" fingerprint readers hitting mini-banks in Japan and Columbia, and now a pilot program is getting set to install 15 biometric ATMs at "village kiosks in five districts across southern India." The fingerprint-reading machines are expected to serve around 100,000 workers, primarily farmers and other laborers, who will finally be able to withdraw funds directly from a machine rather than suffering through the corrupt hand-me-down process that often steals money away from already poor workers. AGS Infotech, who is supplying the first batch of systems for the trial, is interested in seeing if the system actually works out, as many villagers have trouble interacting with any type of computing interface, and because many villages have their own dialects, making a UI that can communicate to everyone is difficult. Of course, there are individuals who suggest that these systems will only incite crime, as thieves look to new methods (read: hacking a thumb or two) to extract funds, but proponents of the system say that this is no different than armed criminals forcing someone to give up their PIN number at gunpoint. Nevertheless, the trial is slated to start soon, and there's quite a few outsiders watching intently to gauge its eventual success or failure, as analysts predict that "over 100,000 ATMs" could be necessary to handle India's booming economy in the next few years.

Everyone relies on their ATM cards pretty frequently -- after all, there's no better (or, often, more necessary) way to start your evening than with a $40 quickdraw from your favorite local money machine. Well, you may want to think twice (that is, if you're among the paranoid security-minded types) next time you whip out that thin piece of plastic. A group of researchers at Algorithmic Research (ARX), an Israeli security firm, published a paper two weeks ago describing a very serious flaw inherent in most ATMs. Apparently, between the time that you input your PIN and the time that the machine spits out your cash, a dataset containing your PIN and account number is encrypted and decrypted a few times while being routed along the banking network -- and somewhere along that point, it's conceivable that those numbers could be intercepted. MSNBC reports that while no attacks using this method have been detected, the US Secret Service is already on the case, and that while Visa and the American Bankers Association are acknowledging the problem, both are dismissing the hacking scenario as being unlikely. Still, we might consider busting out that money belt sometime soon, getting the USSS on the job means it could be big. [Warning: PDF link]

[Via MSNBC]

As long as we're sitting about twiddling our thumbdrives waiting for one of those ubiquitous, near-field cellphone payment systems used by some more advanced societies for years, we might as well check out the options right? Enter MobiWallet from Jton Systems which combines SIM cards and a refillable, RFID debit payment system to make quick work of public transport and double-half-caff transactions. Start by defining a minimum balance and refill amount. The phone then ensures that you never leave home without by comparing the RFID balance with your minimum threshold and automatically negotiating a refill with the MobiWallet server when necessary. Great, now we just need a provider to go ahead and replace existing SIMs with RFID integrated cards and we're all set -- riiight. Combine with the RFID blocking wallet and voila, an infinite loop with seating for one.

While we were a bit skeptical when Chase sent us one of their questionably-secure RFID-equipped "Blink" cards last year, we're gonna be all over a new technology from several companies that actually gives credit cards a heigtened level of security by generating a one-time passcode for each transaction, viewable on an embedded e-ink display. The OTP DisplayCard, as it's being called, was developed by InCard Technologies in conjunction with security firm nCryptone using technology from SiPix Imaging and SmartDisplayer, and is being targeted at financial institutions or at other companies as a replacement for the password-generating key fobs used to enable VPN access to their intranets. While the added security feature would come into play for both online and in-person transactions, it will probably be most useful for Internet purchases, making your credit card info almost worthless to identity thieves who can't get their hands on the card itself. Oh, and to answer the inevitable question: no, these cards will not be able to play Doom.

[Via mobileread]